UbuntuUpdates.org

Package "libqt4-designer"

Name: libqt4-designer

Description:

Qt 4 designer module

Latest version: 4:4.8.1-0ubuntu4.9
Release: precise (12.04)
Level: updates
Repository: main
Head package: qt4-x11
Homepage: http://qt.nokia.com/

Links


Download "libqt4-designer"


Other versions of "libqt4-designer" in Precise

Repository Area Version
base main 4:4.8.1-0ubuntu4
security main 4:4.8.1-0ubuntu4.9
PPA: Ubuntu SDK Release 4:4.8.1-0ubuntu5~precise1~test1
PPA: Kubuntu-ppa Backports 4:4.8.2+dfsg-2ubuntu1~precise1~ppa6

Changelog

Version: 4:4.8.1-0ubuntu4.9 2015-06-03 16:07:01 UTC

  qt4-x11 (4:4.8.1-0ubuntu4.9) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted GIF image
    - debian/patches/CVE-2014-0190.patch: check for broken image in
      src/gui/image/qgifhandler.cpp.
    - CVE-2014-0190
  * SECURITY UPDATE: denial of service via crafted BMP
    - debian/patches/CVE-2015-0295.patch: fix division by zero in
      src/gui/image/qbmphandler.cpp.
    - CVE-2015-0295
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted BMP or ICO images
    - debian/patches/CVE-2015-1858-1859.patch: move check to better
      location in src/gui/image/qbmphandler.cpp, check depth in
      src/plugins/imageformats/ico/qicohandler.cpp.
    - CVE-2015-1858
    - CVE-2015-1859
  * SECURITY UPDATE: denial of service and possible code exection via
    crafted GIF image
    - debian/patches/CVE-2015-1860.patch: check bounds in
      src/gui/image/qgifhandler.cpp.
    - CVE-2015-1860

 -- Marc Deslauriers <email address hidden> Wed, 27 May 2015 08:41:41 -0400

Source diff to previous version
CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and heigh
CVE-2015-0295 The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers t
CVE-2015-1858 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1859 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1860 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib

Version: 4:4.8.1-0ubuntu4.8 2014-05-21 13:07:14 UTC

  qt4-x11 (4:4.8.1-0ubuntu4.8) precise; urgency=medium

  [ Rohan Garg ]
  * Add kubuntu_98_a11y_fix_crash.diff to fix plasma crashing due to
    ubuntu-specific accessibility patch LP: #1289600
 -- Rohan Garg <email address hidden> Wed, 12 Mar 2014 18:13:21 +0100

Source diff to previous version
1289600 Fix for crashes due to ubuntu-specific accessibility patch

Version: 4:4.8.1-0ubuntu4.6 2014-01-06 20:07:07 UTC

  qt4-x11 (4:4.8.1-0ubuntu4.6) precise-proposed; urgency=low

  * Query for Xi 2.2 first before falling back to Xi 2.1. (LP: #1242633)
    - This fixes unity-2d pointer barriers.
 -- Maarten Lankhorst <email address hidden> Wed, 27 Nov 2013 12:14:51 +0000

Source diff to previous version

Version: 4:4.8.1-0ubuntu4.5 2013-12-17 23:06:31 UTC

  qt4-x11 (4:4.8.1-0ubuntu4.5) precise-security; urgency=low

  * SECURITY UPDATE: [XML Entity Expansion Denial of Service] (LP: #1259577).
    - Add CVE-2013-4549.diff
    - add limit in src/xml/sax/qxml.cpp
    - http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
    - CVE-2013-4549
 -- Jonathan Riddell <email address hidden> Tue, 10 Dec 2013 22:49:13 +0000

Source diff to previous version
CVE-2013-4549 XML Entity Expansion Denial of Service

Version: 4:4.8.1-0ubuntu4.4 2013-02-14 23:07:18 UTC

  qt4-x11 (4:4.8.1-0ubuntu4.4) precise-security; urgency=low

  * SECURITY UPDATE: information disclosure via MITM redirect
    - debian/patches/CVE-2012-5624.patch: don't redirect to file URLs in
      src/declarative/qml/qdeclarativexmlhttprequest.cpp.
    - CVE-2012-5624
  * SECURITY UPDATE: incorrect errors with certificate verification
    - debian/patches/CVE-2012-6093.patch: use openssl access functions to
      properly handle layout changes in
      src/network/ssl/qsslsocket_openssl.cpp,
      src/network/ssl/qsslsocket_openssl_symbols.cpp,
      src/network/ssl/qsslsocket_openssl_symbols_p.h.
    - CVE-2012-6093
  * SECURITY UPDATE: shared memory segments incorrect permissions
    - debian/patches/CVE-2013-0254.patch: set appropriate permissions in
      src/corelib/kernel/qsharedmemory_unix.cpp,
      src/corelib/kernel/qsystemsemaphore_unix.cpp,
      src/gui/image/qnativeimage.cpp,
      src/gui/image/qpixmap_x11.cpp,
      src/plugins/platforms/xcb/qxcbwindowsurface.cpp,
      src/plugins/platforms/xlib/qxlibwindowsurface.cpp,
      tools/qvfb/qvfbshmem.cpp.
    - CVE-2013-0254
 -- Marc Deslauriers <email address hidden> Wed, 06 Feb 2013 08:21:20 -0500

CVE-2012-5624 qt QML XmlHttpRequest insecure redirection
CVE-2012-6093 QSslSocket may report incorrect errors when certificate verification fails
CVE-2013-0254 The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions including 4.4.0 uses weak permissions (world-readable



About   -   Send Feedback to @ubuntu_updates